<!--#include file="utf-8.asp"-->
<!--#include file="sql.asp"-->
<!--#include file="conn.asp"-->
<!--#include file="CSQL.asp" -->
<%
set rs=server.createobject("adodb.recordset")
sql="select title,xz,name,tel,mail,body,data from book"
rs.open sql,conn,1,3
title=CSQL(request.form("title"))
xz=CSQL(request.form("xz"))
name=CSQL(request.form("name"))
tel=CSQL(request.form("tel"))
mail=CSQL(request.form("mail"))
body=CSQL(request.form("body"))

if title=""  then 
response.Write("<script language=javascript>alert('留言标题称不能为空!');history.go(-1)</script>") 
response.end 
end if
if name="" then 
response.Write("<script language=javascript>alert('姓名不能为空!');history.go(-1)</script>") 
response.end 
end if
if tel="" then 
response.Write("<script language=javascript>alert('联系电话不能为空!');history.go(-1)</script>") 
response.end 
end if
if cstr(session("GetCode"))<>cstr(request("VerifyCode")) then
   response.write "<script language=javascript> alert('您输入验证码错误，请返回重新输入！');history.go(-1)</script>"
   response.end
end if

rs.addnew
rs("title")=title
rs("xz")=xz
rs("name")=name
rs("tel")=tel
rs("mail")=mail
rs("body")=body
rs.update
rs.close
set rs=nothing
conn.close
set rs=nothing
%>

<%
Response.Write "<script>alert('恭喜！留言成功！');window.location.href='ly.asp';</script>" 
%>

